What do you use for a local DNS server?
-
I am thinking about using a CentOS server
Better option? Maybe a security appliance that has one built in?
This is for home use, not business.
Thanks for your help!
-
I'm going to be running BIND on CentOS 7 at home when I get the extra time to get it up and running.
-
I just use dnsmasq on my EdgeRouter. If you're using Linux, another simple option is to use scp or something like Ansible to push out hosts to each /etc/hosts file.
-
@johnhooks I have an Edge Router X! Can you tell me more about that? How do I set that up?
-
@anonymous said:
@johnhooks I have an Edge Router X! Can you tell me more about that? How do I set that up?
There are a few ways. The easiest is to just add the hosts to the /etc/hosts file and do
service dnsmasq restart
You can also use the config tree to add them under the config tree in service>static host mapping.
You can also do
set system static-host-mapping host-name <hostname> inet <ip address>
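As an added example (not part of the original posts, and not EdgeOS or dnsmasq code), here is one way to generate both forms mentioned above from a single inventory: the static-host-mapping commands and a managed block for /etc/hosts. It validates names and addresses before anything is pushed to the router or to a hosts file. The marker strings, function names and sample hosts are assumptions made for the illustration.

```python
import ipaddress
import re

# RFC 1123 label: letters, digits, hyphens; no leading or trailing hyphen; 1-63 chars.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")
BEGIN, END = "# BEGIN managed-hosts", "# END managed-hosts"  # assumed marker names

# Constructed sample inventory (hypothetical lab VMs).
SAMPLE = [("web1.lab", "192.168.1.20"), ("DB1.lab", "192.168.1.21")]


def validate(inventory):
    """Return sorted (hostname, ip) pairs, or raise ValueError on bad input."""
    seen, clean = set(), []
    for name, ip in inventory:
        key = name.lower()
        # fullmatch rejects spaces, ';', newlines etc. before they reach a CLI or file.
        if len(name) > 253 or not all(_LABEL.fullmatch(p) for p in name.split(".")):
            raise ValueError(f"invalid hostname: {name!r}")
        if key in seen:
            raise ValueError(f"duplicate hostname: {name!r}")
        seen.add(key)
        # IPv4Address raises a ValueError subclass on anything that is not IPv4.
        clean.append((key, str(ipaddress.IPv4Address(ip))))
    return sorted(clean)


def edgeos_commands(inventory):
    """One 'set system static-host-mapping' line per validated host."""
    return [f"set system static-host-mapping host-name {n} inet {ip}"
            for n, ip in validate(inventory)]


def update_hosts(text, inventory):
    """Replace (or append) the managed block; lines outside it are untouched."""
    block = [BEGIN] + [f"{ip}\t{n}" for n, ip in validate(inventory)] + [END]
    out, skipping = [], False
    for line in text.splitlines():
        if line.strip() == BEGIN:
            skipping = True       # drop the previous managed block
        elif line.strip() == END:
            skipping = False
        elif not skipping:
            out.append(line)
    return "\n".join(out + block) + "\n"


if __name__ == "__main__":
    print("\n".join(edgeos_commands(SAMPLE)))
    print(update_hosts("127.0.0.1\tlocalhost\n", SAMPLE), end="")
```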
-
@johnhooks Thanks for that, however I don't want to have to edit any files.
-
@anonymous said:
@johnhooks Thanks for that, however I don't want to have to edit any files.
The second two options do it for you. You can just add them through the GUI or just type the second command in the cli.
-
@johnhooks Why do I have to add anything? Why can't it just use the hostname from DHCP?
-
@anonymous
Ah it does have that option. I missed that before. It's under service>dhcp-server>hostfile-update
-
@johnhooks I would still have to add static ip addresses right?
-
@anonymous said:
@johnhooks I would still have to add static ip addresses right?
Yes.
-
@anonymous said:
@johnhooks Thanks for that, however I don't want to have to edit any files.
How will you run DNS without editing files?
-
Pretty much the only DNS server I would run would be BIND if I was putting it on a server.
-
I use my Mikrotik router. Had a forum post on config here.
-
@scottalanmiller What's wrong with dnsmasq?
-
@anonymous said:
@scottalanmiller What's wrong with dnsmasq?
It's fine, just meant to be a forwarder not a DNS server. It has limited capability to serve out a small text file when needed. If you are going to use it, why not just push hosts files around?
-
@scottalanmiller That's a fair point. I guess my problem is my hostnames are changing all the time as I add/remove/change VMs etc.
-
@anonymous said:
@scottalanmiller That's a fair point. I guess my problem is my hostnames are changing all the time as I add/remove/change VMs etc.
Makes sense. If you are adding or removing with Ansible or Chef that would solve that.
Where are you using all of the host names? I do this all the time but I only access them from the jump box normally. Do you have services that need to talk to one another but are being created and destroyed regularly?
-
@scottalanmiller That's the whole reason I want DNS set up. I want to be able to SSH by hostname, not IP address, however I guess you're right, maybe I just need to set up the host names on the jumpbox.
-
I saw a presentation at a conference 5 or 6 years ago from an IANA guy. He said they're so paranoid about DNS that they have multiples of everything for the same letter root DNS server. They use hard drives, power supplies, network cables, DNS software, firewalls, etc., all from multiple different companies. He also said they've gotten DoS attacks over 10Gbps. He said they were one of the driving forces for NGFW manufacturers to start making firewalls that could do 10Gbps. He said they've been able to sustain DoS attacks and not go down...you guys better! Pretty crazy stuff.